Silent authentication

Silent authenticationClient-side

get/social/{cross_social_provider_name}/cross_auth

Exchanges the user JWT from Steam, Xbox, or Epic Games for the JWT in your project (projectId).

You will get the link to redirect the user to your project.

To enable silent authentication, use the instruction.

Request

path Parameters

cross_social_provider_name

required

string

Name of the platform the user authorized in. Can be steam, xbox, epicgames.

query Parameters

projectId required	string <uuid> Login project ID from Publisher Account.
login_url	string URL to redirect the user to after account confirmation, successful authentication, two-factor authentication configuration, or password reset confirmation. Must be identical to the Callback URL specified in the URL block of Publisher Account. For the scenario of a login error, the value should be identical to the the Error callback URL specified in the URL block of Publisher Account. To find the settings, go to Login > your Login project and select the Callback URLs section in the upper block. Required if there are several Callback URLs.
fields	Array of strings non-empty List of parameters which must be requested from the user or social network additionally and written to the JWT. The parameters must be separated by a comma. For example, `email`. When the `email` is requested and the social network did not respond with the `email` value: the user will be asked to input their email in the corresponding form if you integrated Login Widget, the user must be asked to input their email in the corresponding form of your own interface if you integrated Login API. Please send the URL of this form to your Customer Success Manager. After the email is inputted, the user receives an email confirmation message. To disable email confirmation, please contact your Customer Success Manager.
session_ticket	string Session ticket received from the platform encoded according to the Base64 standard.
payload	string Your custom data. The value of the parameter will be returned in the `payload` claim of the user JWT. Recommended maximum length less than 500 characters. Note, that this parameter is only available if you use a custom user data storage.
with_logout	string Default: "0" Shows whether to deactivate the existing user JWT values and activate the one generated by this call. Can have the following values: `1` to deactivate the existing values and activate a new one, `0` to keep the existing values activated.
app_id	string Your app ID on the platform. Required if the platform where the user is authorized is Steam.
code	string Code received from the platform.
is_redirect	boolean Default: true Shows how the Xsolla Login server should respond. If you set: `true` value, the Xsolla Login server returns the 302 response code. URL for user redirection with user JWT will be in the `Location` header. `false` value, the Xsolla Login server returns the 200 response code. URL for user redirection with user JWT will be in the response body.
no_user_creation	boolean Default: false Do not create new user if they not exist yet. Existing users will be authorized as usual

Responses

200

302

Redirection

400

Bad Request

404

Not Found

422

Unprocessable Entity

429

Too Many Requests

Request samples

curl --request GET \
  --url 'https://login.xsolla.com/api/social/{cross_social_provider_name}/cross_auth?projectId=SOME_STRING_VALUE&login_url=SOME_STRING_VALUE&fields=SOME_ARRAY_VALUE&session_ticket=SOME_STRING_VALUE&payload=SOME_STRING_VALUE&with_logout=0&app_id=SOME_STRING_VALUE&code=SOME_STRING_VALUE&is_redirect=true&no_user_creation=false'

Response samples

application/json

{"login_url": "string"
}